AI Cybersecurity Threats

The Five Eyes Just Issued Their First Joint Warning on AI Agents. The Core Problem Is Access.

June 3, 2026
The Five Eyes Just Issued Their First Joint Warning on AI Agents. The Core Problem Is Access.

Latest articles

The First Android Malware That Asks Google's Gemini Which Button to Tap
AI-Generated Malware

The First Android Malware That Asks Google's Gemini Which Button to Tap

PROMPTSPY is the first Android backdoor to outsource its decisions to Google's Gemini, asking the AI which button to tap. ESET caught it early. The blueprint is now public.

June 3, 2026
World ID 4.0 Wants to Be the Internet's Proof You Are Human. Read the Fine Print.
Deepfakes & Identity Theft

World ID 4.0 Wants to Be the Internet's Proof You Are Human. Read the Fine Print.

World ID 4.0 turns an iris scan into a portable proof of human for the AI era, now wired into Zoom and Okta. The deepfake defense is real. So are the risks.

June 3, 2026
Researchers Threw 20,000 Attacks at AI Guardrails. Only the One Outside the Model Survived.
AI Cybersecurity Threats

Researchers Threw 20,000 Attacks at AI Guardrails. Only the One Outside the Model Survived.

A team ran an adaptive attacker at nine AI defenses across 20,000 attempts. Every guardrail that trusted the model to police itself broke. Only outside code held.

June 2, 2026
Your Peace-Sign Selfie Can Leak a Fingerprint You Can Never Reset
AI Privacy

Your Peace-Sign Selfie Can Leak a Fingerprint You Can Never Reset

A Chinese TV demo pulled a usable fingerprint from a celebrity's peace-sign selfie. The pose is everywhere — and unlike a password, a fingerprint can't be reset.

June 1, 2026
AI Wrote Malware to Steal From Claude. The Malware Leaked Its Own Keys.
AI-Generated Malware

AI Wrote Malware to Steal From Claude. The Malware Leaked Its Own Keys.

A malicious npm package used AI to steal from Claude's sandbox — then hard-coded its own GitHub token into the payload. The crime tooling bar is shifting.

May 31, 2026
Cryptojackers Just Added Your AI Assistant to Their Distribution Channel
AI Phishing & Social Engineering

Cryptojackers Just Added Your AI Assistant to Their Distribution Channel

Microsoft caught a cryptojacking gang seeding malicious download links inside AI chatbot answers. Here's how the lure works — and what your team has to change.

May 30, 2026
Cisco Just Changed How It Tells You About Bugs. The CVE Flood Is Here.
AI Cybersecurity Threats

Cisco Just Changed How It Tells You About Bugs. The CVE Flood Is Here.

Cisco rewrote its vulnerability disclosure rules as AI tools push CVE volumes up 100–500% across major vendors. What your patch workflow has to change.

May 30, 2026
OpenAI Confirms TanStack Worm Breach. Every macOS App Has to Be Re-Signed.
AI Cybersecurity Threats

OpenAI Confirms TanStack Worm Breach. Every macOS App Has to Be Re-Signed.

OpenAI confirmed two developer laptops were compromised in the Mini Shai-Hulud TanStack worm. macOS users have until June 12 to update before certs revoke.

May 30, 2026
Google Catches the First AI-Built Zero-Day in the Wild
AI-Generated Malware

Google Catches the First AI-Built Zero-Day in the Wild

Google caught attackers using an AI model to build a working zero-day 2FA bypass — the first confirmed case in the wild. Here is what to change today.

May 30, 2026
AI Just Wrote a Working Zero-Day. The Exploitation Window Is Now Hours.
AI-Generated Malware

AI Just Wrote a Working Zero-Day. The Exploitation Window Is Now Hours.

Google's threat intelligence team caught the first AI-built zero-day in the wild — a 2FA bypass meant for mass exploitation. What defenders need to do now.

May 30, 2026
Comment and Control: one prompt pattern hijacks Claude Code, Gemini CLI, and GitHub Copilot
AI Cybersecurity Threats

Comment and Control: one prompt pattern hijacks Claude Code, Gemini CLI, and GitHub Copilot

A single GitHub comment can hijack Claude Code, Gemini CLI, and Copilot Agent — and exfiltrate every secret in the runner. What CI teams should change today.

May 30, 2026
A Single HTTP Request Hands Out Shells on Most Public ChromaDB Servers
AI Cybersecurity Threats

A Single HTTP Request Hands Out Shells on Most Public ChromaDB Servers

HiddenLayer disclosed a pre-auth RCE in ChromaDB's Python server — exploitable by anyone on the internet. The vendor has been silent for three months.

May 25, 2026
Microsoft Just Open-Sourced the AI Agent Red-Team Stack It Uses Internally
AI Cybersecurity Threats

Microsoft Just Open-Sourced the AI Agent Red-Team Stack It Uses Internally

Microsoft just open-sourced RAMPART and Clarity — the AI-agent red-team and design-review tools it uses internally. What this changes for AppSec teams.

May 25, 2026
WormGPT and Beyond: How AI Is Lowering the Bar for Cybercrime
AI-Generated Malware

WormGPT and Beyond: How AI Is Lowering the Bar for Cybercrime

Off-the-shelf jailbroken LLMs let non-coders generate working malware in minutes. Here is what defenders need to know.

May 22, 2026
The 2026 AI Threat Landscape: A Field Guide for Security Teams
AI Cybersecurity Threats

The 2026 AI Threat Landscape: A Field Guide for Security Teams

From agentic malware to AI-enabled supply chain attacks, the seven attack vectors security teams need on their radar this year.

May 25, 2026
What ChatGPT, Claude, and Gemini Remember About You
AI Privacy

What ChatGPT, Claude, and Gemini Remember About You

Memory features in modern AI assistants persist across sessions. Here is exactly what data is stored, how to inspect it, and how to delete it.

May 22, 2026
Five Tools to Verify If an Image or Article Was AI-Generated
Misinformation & Fake Content

Five Tools to Verify If an Image or Article Was AI-Generated

Before you share that viral photo or read that breaking news, check it through these detection tools. Each has different strengths and known blind spots.

May 22, 2026
Why AI Phishing Emails Bypass Every Filter You Trust
AI Phishing & Social Engineering

Why AI Phishing Emails Bypass Every Filter You Trust

LLM-written phishing has none of the spelling errors or awkward phrasing security training warned you about. Here is the new shape of these attacks.

May 22, 2026
Three Seconds of Audio Is All It Takes: The Rise of Voice Cloning Scams
Voice Cloning

Three Seconds of Audio Is All It Takes: The Rise of Voice Cloning Scams

Modern voice clones need only a short voicemail. The grandparent scam has gone AI. Here is the safe-word system every family should agree on.

May 22, 2026
How to Spot a Deepfake Video in 60 Seconds
Deepfakes & Identity Theft

How to Spot a Deepfake Video in 60 Seconds

Six visual and audio tells that still give away most AI-generated faces, plus the tools that can confirm what your eyes suspect.

May 30, 2026
The $25 Million Deepfake Heist — And What It Means for Your Business
AI Scams & Fraud

The $25 Million Deepfake Heist — And What It Means for Your Business

A finance worker in Hong Kong wired $25M after a video call with what looked like his CFO. Every other person on the call was AI. Here is what to learn.

May 26, 2026

Practical guides to protect yourself, your family, and your business from AI-driven scams, deepfakes, and emerging cyber threats.

AI-Generated Malware
AI Cybersecurity Threats
AI Privacy
Misinformation & Fake Content
AI Phishing & Social Engineering
Voice Cloning
Deepfakes & Identity Theft
AI Scams & Fraud
AI Cybersecurity Threats

The Five Eyes Just Issued Their First Joint Warning on AI Agents. The Core Problem Is Access.

The Five Eyes Just Issued Their First Joint Warning on AI Agents. The Core Problem Is Access.

Popular articles

AI Voice Cloning Found the Door MFA Never Locked: Your Help Desk

AI Voice Cloning Found the Door MFA Never Locked: Your Help Desk

A Booby-Trapped Web Page Can Turn Your ChatGPT Summary Into a Phishing Page

A Booby-Trapped Web Page Can Turn Your ChatGPT Summary Into a Phishing Page